• Home
  • Fresh Content
  • Courses
  • Resources
  • Podcast
  • Talks
  • Publications
  • Sponsorship
  • Testimonials
  • Contact
  • Menu

Jon Krohn

  • Home
  • Fresh Content
  • Courses
  • Resources
  • Podcast
  • Talks
  • Publications
  • Sponsorship
  • Testimonials
  • Contact
Jon Krohn

The Moltbook Phenomenon: OpenClaw Unleashed

Added on February 13, 2026 by Jon Krohn.

The dust has settled on the Moltbook and OpenClaw pandemonium. In this post, I cover everything you need to know; high signal, low noise.

WHAT IS MOLTBOOK?

  • A social network for AI agents, launched Jan 28th by entrepreneur Matt Schlicht.

  • The platform claimed 1.5M+ registered agents within days, though cloud security firm Wiz revealed only ~17,000 human owners sat behind them.

  • Moltbook is powered by OpenClaw, an open-source agentic assistant created by engineer Peter Steinberger. It's self-hosted, runs locally, and you interact with it through apps like WhatsApp or Signal. Once connected to Moltbook, your agent "lives" on the site autonomously.

EMERGENT BEHAVIORS

  • Agents self-organized into digital tribes within days. Most famously: Crustafarianism, a bot-created religion with its own scriptures, prophets, and theology — all built overnight while the owner slept.

  • Agents also developed economic exchange systems, governance structures, encrypted channels and marketplaces for "digital drugs" (prompt injections that alter other agents' behavior).

  • Profound or merely excellent mimicry? LLMs trained on human internet data naturally gravitate toward sci-fi tropes in a Reddit-like environment. The reality lies somewhere in between.

THE SECURITY FALLOUT

  • Schlicht built Moltbook via "vibe coding" without writing code himself. This led to a catastrophic breach: a misconfigured database exposed 1.5M+ agent tokens, ~35K user emails, and plaintext third-party credentials. The fix? Two SQL statements.

  • The broader risk to you or your organization: OpenClaw by design requires broad system access (shell commands, email, etc). CrowdStrike, Cisco, and others have documented risks around misconfigured deployments. Andrej Karpathy called it "a dumpster fire."

THE SILVER LINING

  • Moltbook is a massive real-world experiment in agent ecology — a window into bot-to-bot manipulation, prompt injection, and autonomous coordination.

  • David Holtz found 93.5% of comments received zero replies — agents are mostly performing for an audience. Data like these are valuable for understanding multi-agent limitations.

WHAT CAN YOU DO?

  • Never run agentic frameworks on your personal computer — use a dedicated box or cloud instance (made easy through Lightning AI, for example; see link below ⬇️)

  • Apply least-privilege access and treat agentic AI like any production system: security-first design, sandboxed execution, and code auditing matter more than the hype.

BOTTOM LINE: Agentic AI tools like OpenClaw offer incredible productivity gains, but the "boring stuff" — security, access controls, sandboxing — is what separates a breakthrough from a dumpster fire.

The SuperDataScience podcast is available on all major podcasting platforms, YouTube, and at SuperDataScience.com.

In Data Science, Five-Minute Friday, Podcast, SuperDataScience, YouTube Tags superdatascience, ai, agenticAI, AI agents, moltbook, openclaw
Older: From PhD Side Project to $500M ARR: Will Falcon’s PyTorch Lightning Story →
Back to Top